| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
k5-platform.h. Add 64-bit serializer support. [Not needed for ticket 1471,
but needed for 2040 and annoying to check in separately.]
Add to (internal for now) crypto API a function to get the mandatory checksum
type associated with an enctype.
New support for server-generated subkey, selected via an auth_context flag.
ticket: 1471
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15908 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Also, handle correctly implemented RFC 1510 KRB-SAFE i.e., checksummed
over KRB-SAFE-BODY only.
ticket: 1893
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15831 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
ticket: 1586
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15829 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
include/krb5/autoconf.h.in and */configure if it's not enabled. Anything else
we should only rebuild in maintainer mode?
* aclocal.m4 (KRB5_AC_MAINTAINER_MODE): New macro.
(CONFIG_RULES): Invoke it.
* config/post.in (configure): Make configure depend on configure.in and
aclocal.m4 only if maintainer mode is enabled.
* include/Makefile.in ($(srcdir)/krb5/autoconf.h.in): Depend on autoconf.stmp
only if maintainer mode is enabled.
ticket: 1588
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15825 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
address field used on Windows.
ticket: 1586
status: open
owner: jaltman@mit.edu
target_version: 1.3.2
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15820 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
it doesn't know setsid is available. It's using autoconf.h, but no
longer using the defines set in lib/krb5/posix/Makefile.
* configure.in: Check for setsid() and <paths.h>.
ticket: 1847
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15817 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
change. It should be in the 1.4 release. (Next 1.3.x release? I don't know.)
* fake-addrinfo.h (WRAP_GETADDRINFO, COPY_FIRST_CANONNAME): Don't define on
Linux unless HAVE_GETADDRINFO is defined, for libc5 compatibility.
ticket: 1711
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15802 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
(krb5_rc_resolve_full, krb5_rc_get_type, krb5_rc_default_type)
(krb5_rc_default_name, krb5_auth_to_rep): Private declarations moved...
* k5-int.h: ...to here.
ticket: 1784
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15798 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
* k5-int.h (labs, HAVE_LABS): Never define.
* win-mac.h (HAVE_LABS): Don't define.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15796 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15794 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15793 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15791 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
data structure with a NULL ifa_addr field.
ticket: 1770
version_reported: 1.3
target_version: 1.3.2
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15790 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
HAVE_GETADDRINFO is defined.
ticket: 1380
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15784 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fake-addrinfo.h (inline): Move definitions further up, before first use. Do
use __inline__ for gcc without c99 support.
(GET_SERV_BY_NAME) [!GETSERVBYNAME_R_RETURNS_INT]: Fix invocation for IRIX
definition.
* socket-utils.h: Include port-sockets.h to get a definition for struct
sockaddr_storage.
ticket: 1380
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15783 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
ticket: 1380
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15782 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fake-addrinfo.h: Delete the unused WRAP_GETNAMEINFO support.
(HAVE_GETADDRINFO) [__APPLE__ && __MACH__]: Don't undefine.
(FAI_CACHE) [__APPLE__ && __MACH__]: Define.
(system_getaddrinfo, system_freeaddrinfo, system_getnameinfo): New functions.
(gaiptr, faiptr, gniptr): Variables deleted. Change references to use the
system_* functions above.
(getaddrinfo, freeaddrinfo) [FAI_CACHE]: Define as macros to the my_fake_*
versions.
(protoname, socktypename, familyname): Use caller-supplied buffers instead of
local static buffers.
(debug_dump_getaddrinfo_args): Provide a buffer.
(NEED_FAKE_GETNAMEINFO): Define if HAVE_GETADDRINFO is not defined.
(inline): Rework macros to test for C99 and IRIX.
(NEED_FAKE_GETADDRINFO): Define if FAI_CACHE is defined.
(fai_add_entry) [KRB5_USE_INET6]: Support IPv6.
(CACHE_ENTRY_LIFETIME): New macro.
(struct face, struct fac): New types.
(fac): New static variable.
(plant_face, find_face): New functions.
(fai_add_hosts_by_name) [FAI_CACHE]: Check the cache before looking up the
hostname. Add the looked-up host info to the cache.
(fake_getaddrinfo): Call GET_SERV_BY_NAME instead of conditionally calling
getservbyname or getservbyname_r. Don't pass AF_INET to
fai_add_hosts_by_name.
(fake_getnameinfo): Define only if NEED_FAKE_GETNAMEINFO is defined.
(gai_strerror): Define if either HAVE_FAKE_GETADDRINFO or NEED_FAKE_GETNAMEINFO
is defined.
(getaddrinfo): Do define function if FAI_CACHE is defined.
(getnameinfo): Define only if NEED_FAKE_GETNAMEINFO is defined.
ticket: 1380
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15780 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15769 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
ticket: 1702
tags: pullup
target_version: 1.3.2
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15748 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
KRB5_PRIVATE.
They are required for many applications including OpenAFS and UMich's Kx509. 1.2.8
had them public but the change was never reflected on the trunk.
Ticket: 1702
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15747 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
ticket: 1683
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15717 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
pointers for key sizes, block sizes, etc., when the values are always constant
for each encryption or hash mechanism.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15714 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
for now.
ticket: 1404
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15709 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
ticket: 1679
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15701 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
ticket: 1655
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15678 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
ticket: 1621
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15647 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
* krb524.c (krb524_convert_creds_kdc, krb524_init_ets): Mark as
KRB5_CALLCONV_WRONG.
(krb524_init_ets): Takes a krb5_context.
ticket: 1596
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15615 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
* k5-int.h (struct srv_dns_entry): Declare.
(krb5int_make_srv_query_realm, krb5int_free_srv_dns_data): Declare.
(struct _krb5int_access): Add make_srv_query_realm and free_srv_dns_data fields.
ticket: 1550
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15595 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
ticket: 1549
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15561 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
ticket: 1190
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15528 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide old names as functions for UNIX/MacOS binary compatibility, and
deprecated macros for source code compatibility. (For Windows, we'll still
need a krb524.dll, and it can worry about providing the old names.) Enable
support on Windows always.
ticket: 1491
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15513 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
cleaning up.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15496 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
ticket: 1262
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15493 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
* kdb.h: Add prototype for krb5_db_iterate_ext.
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15492 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move libkrb524 code, including error table, into libkrb5. Now libkrb5
initialization pulls in the krb524 error table, so krb524_init_ets is
gone; all calls deleted.
Move krb4 life/time conversion functions into libkrb5 under new names,
using accessor hooks to get at them from libkrb4.
Move declarations from krb524.h into krb5.h, k5-int.h, or krb524d.h;
the last doesn't get copied into the include directory. Changed
inclusions of krb524.h to the appropriate files, if any were needed.
Rebuilt dependencies in Makefiles.
These changes are likely to break the Windows build; I'll look into
that soon.
ticket: 1491
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15491 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
ticket: 1263
target_version: 1.3
tags: pullup
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15479 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
ticket: 1483
tags: pullup
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15469 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
Since none of the functions it calls can return an error, this should
return void.
Ticket: new
Target_Version: 1.3
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15465 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
krb5_get_in_tkt_with_keytab in terms of krb5_get_init_creds.
It turns out that these do in fact need to use get_init_creds not
get_init_creds_{password,keytab} because of those functions do not
allow the AS request to be returned.
Ticket: 1480
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15461 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
sequence numbers which folds received negative sequence numbers into
positive unsigned numbers. Constrain the space of initial sequence
numbers to facilitate backwards compatibility.
ticket: 1262
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15457 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
* krb5.hin (KRB5_KPASSWD_ACCESSDENIED): New macro.
(KRB5_KPASSWD_BAD_VERSION, KRB5_KPASSWD_INITIAL_FLAG_NEEDED): New macros.
ticket: 1441
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15454 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Ticket: 1470
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15425 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
enctypes (currently AES but anything not explicitly listed as old)
then only etype_info2 is sent back in response. Send back etype_info2
all the time. Also send back etype_info2 to provide salt and
s2kparams with AS reply not just for preauth errors.
* Expose interface for getting string2key with parameters (previously
implemented but not exported)
* IN the client (at least for get_init_creds interface) prfer
etype_info2 to etype_info and pw_salt. Pass s2kparams and use
string2key_with_params.
Ticket: 1454
Status: open
Target_Version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15412 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
applications cannot override, and use it for ticket-granting tickets needed to
acquire some desired service ticket.
ticket: 1429
tags: pullup
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15411 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to send_subkey and recv_subkey, respectively. Add new APIs to query
and set these fields. Change the behavior of mk_req_ext, rd_req_dec,
and rd_rep to set both subkeys. Applications wanting to set
unidirectional subkeys may still do so by saving the values of subkeys
and doing overrides. Cause mk_cred, mk_priv, and mk_safe to never use
the recv_subkey. Cause rd_cred, rd_priv, and rd_safe to never use the
send_subkey.
ticket: 1415
status: open
tags: pullup
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15407 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
decoders.
Ticket: 1454
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15393 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
not provided by the OS.
ticket: 1435
target_version: 1.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15391 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
allocated and freed at the same time, even if in different files.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15378 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
by Paul Nelson.
Ticket: 1377
Status: open
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15373 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
and if the command fails, try it again with --localdir; don't tie it to some
previously used version of autoconf.
ticket: 1242
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15370 dc483132-0cff-0310-8789-dd5450dbe970
|